Removing failed 2008R2 DC from ADUC after running /forceremoval

DCDIAG reported a DC had exceeded its replication tombstone. We attempted to gracefully remove AD using DCPROMO with no luck. So we disconnected it from the network, ran /forceremoval (worked), then went into AD to remove the remnants. Took it out of ADS&S no problem, removed all DNS records no problem, but attempted to remove it from the Domain Controllers container in ADUC and got a pop-up that said:

Apparently it's true that Windows Server 2008R2 will automatically remove metadata - the object is now gone from ADUC without my further intervention. I will still run ADSIUTIL to see if I have any vestigial metadata, but it appears AD is now clean.

0

Featured Post

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…

This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

Are you ready to implement Active Directory best practices without reading 300+ pages?
You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…